#378 — March 4, 2021 Read on the Web 👋 To help with the ‘no big news in the Node world this week’ problem we’re encountering sometimes, we’re interviewing maintainers of different Node projects so you can get a look Read more…
Deno 1.8, released on March 2, offers preliminary support for an API to bring enhanced machine learning to the secure JavaScript/TypeScript runtime. Experimental backing for the WebGPU API, for performing operations such as rendering and computation on a GPU, provides Read more…
Notable Changes [ 1a3e3156b52 ] – (SEMVER-MINOR) crypto: make FIPS related options always awailable (Vít Ondruch) #36341 [ 19ba5c0f9ba ] – (SEMVER-MINOR) errors: remove experimental from –enable-source-maps (Benjamin Coe) #37362 Commits [ 1d039e6fa80 ] – assert: refactor to avoid unsafe Read more…
#377 — February 25, 2021 Read on the Web Node Weekly Tauri: A New(ish) Framework for Building Desktop Apps with a Web Frontend — Electron is the big cheese in the ‘build desktop apps with JavaScript, HTML and CSS’ space but Read more…
Notable changes Vulnerabilities fixed: CVE-2021-22883: HTTP2 ‘unknownProtocol’ cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an ‘unknownProtocol’ are established. This leads to a leak of Read more…
Notable changes Vulnerabilities fixed: CVE-2021-22883: HTTP2 ‘unknownProtocol’ cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an ‘unknownProtocol’ are established. This leads to a leak of Read more…
Notable changes Vulnerabilities fixed: CVE-2021-22883: HTTP2 ‘unknownProtocol’ cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an ‘unknownProtocol’ are established. This leads to a leak of Read more…
Notable changes Vulnerabilities fixed: CVE-2021-22883: HTTP2 ‘unknownProtocol’ cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an ‘unknownProtocol’ are established. This leads to a leak of Read more…
Summary The Node.js project will release new versions of all supported release lines on or shortly after Tuesday, February 23th, 2021. One Critical serverity issue One High serverity issue One Low serverity issue Impact The 15.x release line of Node.js Read more…
#376 — February 18, 2021 Read on the Web Node Weekly Avoiding npm Substitution Attacks — Recently there have been some high profile examples of supply chain attacks on popular source code repositories, such as where fake or eponymous packages Read more…
